[Samba] Assigning Permissions on Member Server
mallapadi niranjan
niranjan.ashok at gmail.com
Tue Mar 7 09:27:45 GMT 2006
Dear all
I have a samba PDC (3.0.21c) with openldap (2.3.19) with 2 domain Member
Servers(samba 3.0.21c) with ACL support
i use domain member servers as file servers . all my clients are windows
2000 professional.
i have the following scenario at my
I have created 3 groups, prj1team, prj1mgr, prj1engg.
i have created folder called "myproject" in a samba share called projects.
myproject has a subdirectory called "alldepts".
now, no one can create files/folder in myproject directory but they can
create a files and folder in alldepts folder.
but i don't want anybody to delete the folder alldepts.
myproject\alldepts
i have set like this
setfacl -m g:prj1team:rx myproject
setfacl -m g:prj1mgr:rx myproject
setfacl -m g:prj1engg:rx myrproject
setfacl -m g:prj1mgr:rwx myproject/alldepts
setfacl -m g:prj1engg:rwx myrproject/alldeps
in the above permissions, people in group "prj1mgr"and "prj1engg" are able
to creat files/folders in alldepts.
and when they are in "myproject" directory and try to delete folder
"alldepts", it gives error access denied .
so far so good, this is what i want.
but when the user of group "prj1mgr" and "prj1engg"
delete folder "alldepts", it says access denied but it deletes all the
files and folder inside the "alldepts" directory .
ie it denies the user to delete "alldepts" directory but it does not deny
the user to delete
all the files and folders inside the alldepts..
Actually what i need is the folder "alldepts" is used by both groups
"prj1mgr" and "prj1engg" to create files and folder
and both these groups can delete each other files. but i want them to delete
file after changing to that directory (alldepts) , not from outside.
since i have mentioned
setfacl -m g:prj1mgr:rx myproject
setfacl -m g:prj1engg:rx myrproject
it does not allow to delete folder alldepts, but it deletes all files in
alldepts, that i don't want to happen.
Please guide me, i have tried to express my scenario , in best possible
way, hope every body understands.
Regards
Niranjan
Regards
Niranjan
More information about the samba
mailing list